iOS privacy policy: The New iOS 14 Is Already Unmasking Serious Privacy Concerns

2020-08-02 10:19

Apple’s new iOS 14 is yet to officially hit the market. But its new security updates are already revealing some serious privacy concerns. The OS update is currently available in beta, and as such, developers and testers have already started to work around iOS 14.

One of the new features notifies users every time clipboard data is being used by a third-party app. During the developer beta stage of iOS 14, users discovered that TikTok accesses device clipboard data. The app has been monitoring every few keystrokes even when it was running in the background. TikTok has updated its app since the news came out. But the damage was done. In fact, things had gotten so problematic for TikTok since then that the app is now banned in India, its biggest market.

Photo by visuals on Unsplash

Another similar incident came in the form of LinkedIn. The Microsoft-owned social media giant was caught copying clipboard data on iOS. Erran Berger, VP Engineering for consumer products at LinkedIn, stated that this was traced back to a “code path that only does an equality check between the clipboard contents and the currently typed content in a text box.” He also mentioned that LinkedIn does not store or transmit clipboard data.

Along with TikTok and LinkedIn, Reddit was also found snooping clipboard data. According to a Reddit spokesperson, this was to check the clipboard for URLs when starting a new post. The spokesperson further added that the company does not store or send clipboard data.

Following criticism, both Microsoft and Reddit are making changes to the apps to remove the functionality.

But these are not one-off incidents. During the iOS 14 developer beta phase, 53 apps were reported to have been accessing clipboard data for no clear reason. Some of these included known names like Al Jazeera English, NPR, Reuters, PUBG Mobile, Viber, and AccuWeather. Following the report, several apps have since curbed the practice.

The New iOS 14 Is Putting the Spotlight on Privacy

The main issue with companies monitoring your clipboard data is the ambiguity of the entire process. Prior to the discovery in iOS 14 beta, there was no clear indication as to why apps are accessing users’ clipboard data. Essentially, it is a clear lack of transparency from companies, one that Apple focuses on with the new update.

The clipboard data notification is only one of the handful of privacy features to come in iOS 14. One of the key additions is to its App Store, where Apple will require developers to specify what type of data apps will collect. Users can see this information on product pages on the App Store.

Image credits: Apple

On a device level, Apple has also announced that iOS devices will notify users every time their mic or video is in use. This immediately takes security up a notch and may prove to be a vital one — particularly in a scenario where companies like Facebook are accused of secretly listening to you through your phone.

For years, many have pointed the finger at Facebook, claiming that it has been spying on people’s conversations to serve ads. Facebook has vehemently denied the allegations several times. However, the company later admitted that third-party contractors transcribe audio messages on its Messenger app.

Tech Giants and the Lack of Transparency

Mind you, Facebook is not the only tech company that has been listening to users’ audio in some way or the other. Last year, it was reported that Amazon employs thousands of people to listen to Alexa conversations. The idea is to help Alexa understand human speech better.

Photo by Annie Spratt on Unsplash

Following the report, Amazon stated that “employees do not have direct access to information that can identify the person or account as part of this workflow.” Furthermore, users have the option of opting out from helping to improve the software in its privacy settings.

Amazon is not alone in recording user data to improve digital assistants and smart speakers. One investigation reports over 1,000 audio recordings captured by Google. Another revealed Microsoft has been doing something similar for its digital assistant, Cortana. Ironically, even Apple is guilty in this regard.

The underlying problem here is not necessarily the motives for collecting user data (although it still raises questions). But rather, it’s the lack of transparency. If these stories are any indication, it’s that companies need to do better in telling users what happens to their data.

Your Move, Google

In a broader sense, Apple’s upcoming privacy features will likely be a call to action for most companies to step up their security game. This includes its competitor, Google.

The Google Play Store has a notorious history for malware and other security shortcomings. Just a couple of weeks ago, Google removed 25 apps from the Play Store for stealing users’ Facebook credentials.

However, Google has taken steps to progressively improve the security of its ecosystem over the past few years. For instance, permission controls on Android 10 have undergone significant upgrades. Its dedicated privacy section allows you to manage permission requests from any app. With Android 11, more granular permissions let you choose how often apps can access this information. Its geolocation controls also follow a similar pattern.

But even so, security loopholes continue to plague Google far more frequently than iOS. The upcoming iOS 14 is only going to widen this gap between Android and Apple.

Software Updates Are a Mess on Android

This contrast in security levels goes back to the open-vs.-closed systems argument. It is true that much of the appeal for Android has been due to choice. Android users have the ability to opt for almost any flavor of the OS of their choosing. Apple does not offer this level of customization. But Apple’s closed-system strategy has given the company total control of its entire ecosystem.

Furthermore, the company only has a limited number of devices on offer. As a result, providing security and OS updates is fairly straightforward, with fewer issues over adoption. This is why iOS 14 will be available for iPhone 6S on the same day as iPhone 11 Pro.

Android, on the other hand, is more complicated. There are millions of Android devices in the market by different manufacturers. On top of this, there are many iterations of Android for each version. With millions of users on different Android versions, it becomes challenging to offer uniform software updates across the entire ecosystem.

On the bright side, Google says that Android 10 has seen the fastest adoption among any Android version. The company claimed that it hit 100 million devices within five months. After 300 days, it was at 400 million. That being said, Google is still far behind Apple’s adoption rates. Apple boasts a 92% adoption rate for its latest OS among iPhones.

Security Should Continue Getting the Spotlight

It is vital that companies in charge of tech ecosystems work towards creating better awareness for users around privacy and security. People might not care enough about security. But better awareness can shift user behavior significantly as a result.

For example, one iPhone user, Adam Bauer, has sued LinkedIn after the clipboard data revelations. The complaint stated that he was unaware that apps had access to his clipboard data without consent. Bauer mentioned that, had he known, he “would not have used the LinkedIn app.”

Undoubtedly, iOS 14 has shone a much-needed light on privacy and security. There is a clear lack of communication between tech company products and their users. The discoveries from the current iOS 14 beta are apt illustrations here.

But the spotlight needs to continue to be on security. Companies need to strive to take better care of our data. This is important particularly with the backdrop of coronavirus, where adoption for digital tools keeps rising.

So here’s hoping the conversation goes beyond Apple’s iOS 14 and Android to the global tech industry at large. How serious are you about data privacy and security?

Translated from: https://medium.com/better-programming/the-new-ios-14-is-already-unmasking-serious-privacy-concerns-8601dacdf53b
